The Pantheon Terminus Command-Line Interface is by design a secure and reliable way to interact with and automate operations on the Pantheon platform. Commands are always sent using TLS encryption over HTTPS, or via SSH in some instances. In order to have the best possible experience with Terminus, and to maintain the security of your site assets, you should always follow basic security best practices when using Terminus.
Always keep your machine tokens secure. If you expose a machine token in a location where an outside party can observe it, anyone who uses that token can act with the privileges of the user that created it. Always revoke any machine token that is compromised.
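One practical check that follows from the advice above is to confirm that the files holding machine tokens are readable only by their owner. The following Python script is an added example and is not part of Terminus or the Pantheon documentation; it assumes tokens are cached as files under ~/.terminus/cache/tokens (an assumption; pass another directory if your install differs) and flags any token file that group or other users can read or write.

```python
import os
import stat
from pathlib import Path

# Assumed default location of the Terminus token cache (an assumption made
# for this example, not a documented guarantee; override as needed).
DEFAULT_TOKEN_DIR = Path.home() / ".terminus" / "cache" / "tokens"


def insecure_token_files(token_dir=DEFAULT_TOKEN_DIR):
    """Return (path, octal_mode) for every regular file in token_dir that is
    readable or writable by group or others. Token files should be 0600."""
    token_dir = Path(token_dir)
    findings = []
    if not token_dir.is_dir():
        return findings
    for entry in sorted(token_dir.iterdir()):
        if not entry.is_file():
            continue
        mode = stat.S_IMODE(entry.stat().st_mode)
        # Any group/other bit set means another local account could read
        # the token and act with the privileges of the user who created it.
        if mode & (stat.S_IRWXG | stat.S_IRWXO):
            findings.append((str(entry), oct(mode)))
    return findings


def harden_token_files(token_dir=DEFAULT_TOKEN_DIR):
    """Chmod offending token files to 0600 and the directory to 0700.
    Returns the number of files whose mode was changed."""
    token_dir = Path(token_dir)
    changed = 0
    if not token_dir.is_dir():
        return changed
    os.chmod(token_dir, 0o700)
    for path, _mode in insecure_token_files(token_dir):
        os.chmod(path, 0o600)
        changed += 1
    return changed


if __name__ == "__main__":
    for path, mode in insecure_token_files():
        print(f"token file {path} has mode {mode}; expected 0o600")
    print(f"hardened {harden_token_files()} file(s)")
```

Run the script on a workstation after logging in with a machine token; a non-zero count means a token file was exposed to other local accounts and the token itself should be revoked and reissued rather than merely re-permissioned.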
Terminus plugins should only be used from trusted sources. Pantheon only endorses plugins published in the pantheon-systems GitHub organization.
Terminus, and by extension Terminus plugins, rely on open source libraries to perform their functions. Whenever a vulnerability is discovered in one of these libraries and a remediation is published, Pantheon's automated security tooling raises a notification, and a new release of Terminus is published. Note that most conceivable dependency vulnerabilities are not a concern for Terminus users, because there is no mechanism for an outside party to send commands to Terminus; therefore, there should be no attack vector inside Terminus that could be leveraged via a published security vulnerability. Pantheon still recommends that all users upgrade to the latest available Terminus release, to ensure the reliability and security of your infrastructure.
During plugin installation and updates, Terminus uses Composer to update dependencies for the plugin. The default behavior of Composer checks all dependencies against the published list of known security vulnerabilities, and will cause the plugin operation to fail if any insecure dependencies exist. Pantheon has disabled this behavior for Terminus and Terminus plugins by setting config.audit.block-insecure to false in Terminus' composer.json file. Pantheon issues timely updates for Terminus to mitigate security risks. However, we've disabled the Composer audit to prevent unnecessary noise that might disrupt the user experience.
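Because the automatic audit is switched off, a user who wants the check anyway can run it by hand. The following Python script is an added example, not code from Terminus or Pantheon: it runs composer audit --format=json in a plugin directory you name (the composer binary must be on PATH) and flattens the advisories into a list you can act on. The sample JSON embedded below is constructed for the example, with placeholder advisory and CVE identifiers, and only the top-level "advisories" key is relied upon; the other fields are read defensively.

```python
import json
import subprocess
import sys
from pathlib import Path

# Constructed sample of `composer audit --format=json` output; the package,
# advisory id and CVE are placeholders, not real advisories.
SAMPLE_AUDIT_JSON = json.dumps({
    "advisories": {
        "example/library": [
            {
                "advisoryId": "PKSA-example-0001",
                "cve": "CVE-0000-00000",
                "affectedVersions": "<1.2.3",
                "title": "Example advisory (constructed)",
                "severity": "high",
            }
        ]
    },
    "abandoned": {},
})


def parse_composer_audit(audit_json):
    """Flatten Composer's JSON audit report into one dict per advisory.
    Returns [] when the report has no advisories."""
    data = json.loads(audit_json or "{}")
    advisories_by_package = data.get("advisories") or {}
    # Composer emits an empty list rather than an object when nothing is found.
    if not isinstance(advisories_by_package, dict):
        return []
    findings = []
    for package, advisories in advisories_by_package.items():
        # Tolerate either a list of advisories or a mapping keyed by advisory id.
        entries = advisories.values() if isinstance(advisories, dict) else advisories
        for adv in entries:
            findings.append({
                "package": package,
                "id": adv.get("cve") or adv.get("advisoryId", "unknown"),
                "affected": adv.get("affectedVersions", ""),
                "title": adv.get("title", ""),
                "severity": adv.get("severity", "unknown"),
            })
    return findings


def audit_plugin_dir(plugin_dir):
    """Run `composer audit` against a plugin checkout and return its findings.
    The command exits non-zero when advisories exist, so the return code is
    deliberately ignored and the JSON on stdout is parsed instead."""
    proc = subprocess.run(
        ["composer", "audit", "--format=json", "--no-interaction", "--locked"],
        cwd=str(Path(plugin_dir)), capture_output=True, text=True, check=False,
    )
    return parse_composer_audit(proc.stdout)


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "."
    for f in audit_plugin_dir(target):
        print(f"{f['package']}: {f['id']} [{f['severity']}] {f['affected']} - {f['title']}")
```

Point the script at each installed plugin directory (the location depends on your Terminus version and is not assumed here); an empty result means Composer's advisory database lists nothing for the locked dependency set, while any finding is a reason to update the plugin or its dependencies before continuing to use it.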
Use terminus self:update to update Terminus to the latest available version.